<?php
include("../mysql_connect.php");
include("../error/upload.php");

$xml = simplexml_load_file('php://input'); 
//$xml = simplexml_load_string('<Comment Id="" Content="33333" MediaId="12681" User="rafale@thetigerparty.com" ></Comment>');
foreach( $xml->attributes( ) as $attr)
{
	$AttrArray[] = $attr;
}
$CommentId = $AttrArray[0];
$Comment = $AttrArray[1];
$MediaId = $AttrArray[2];
$UserName = $AttrArray[3];
$Date = $AttrArray[4];


 	$sltSqlCommand = "SELECT idUSER FROM USER WHERE Email = '".$UserName."'";
 	$sltResult = mysql_query($sltSqlCommand);
 	$sltRow = mysql_fetch_array($sltResult);
 	
 	$userId = $sltRow['idUSER'];
 	
 	$strSqlCommand = "INSERT INTO COMMENTS (Comment, USER_idUSER, MEDIA_idMEDIA, ModifyTime)
 						VALUES ('".$Comment."', '".$userId."', '".$MediaId."', '".$Date."')";
	 
	if (!mysql_query($strSqlCommand)) {
		die(mysql_error());
	 	echo "<Error Message=\"".mysql_error()."\" Domain=\"Configuration\" />";
		saveError("Comment", NULL, date("Y-m-d H:i:s"), mysql_error());
	 	return;
	}
	
	if (mysql_insert_id()!=0) {
		$CommentId = mysql_insert_id();
		echo '<Success Message="The requested Information was accepted" CommentId="'.$CommentId.'" Domain="Configuration" />';
	}
?>
